[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACT ION :draft-ietf-pkix-scvp- 00.txt))



> 
> >4) As for 3), but the Smartcard uses biometrics - thumb-print, signature,
> >eye-scan. I guess this is much safer - provided you don't get gory!
> 
> As noted in another message, if one admits the ability to open up the card,
> then the biometric protection is probably not very interesting.  Note that
> the average college physical lab has all one needs to successfully open up
> almost all of these cards and extract private keys, these days, and the
> info on how to do this is being published, removing that barries as well.
> 
Furthermore, one has to implicitely trust the biometric reader. biometric
authentication only really works if the reader is owned by the user.
Otherwise, the authentication is subject to replay.

PatC



References: